Trojan:Win32/Copak.MBKO!MTB removal guide

Trojan:Win32/Copak.MBKO!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/Copak.MBKO!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan:Win32/Copak.MBKO!MTB?


File Info:

name: 534AC4899CEF812D4EE9.mlw
path: /opt/CAPEv2/storage/binaries/82a3cd8fff3b5e9957d1e9ed0f69dd08e1c10ad4c5a4a19e43104c1aa9a61573
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1975-06-24 00:00:00

Version Info:

0: [No Data]

Trojan:Win32/Copak.MBKO!MTB is also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Khalesi.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.431886
Skyhigh: BehavesLike.Win32.Ctsinf.hc
McAfee: Glupteba-FTTQ!534AC4899CEF
Cylance: unsafe
Zillya: Trojan.Kryptik.Win32.4363321
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Khalesi.f6986557
K7GW: Trojan ( 0058e60a1 )
K7AntiVirus: Trojan ( 0058e60a1 )
Arcabit: Trojan.Barys.D6970E
BitDefenderTheta: Gen:NN.ZexaE.36680.K0Z@aGgmKjc
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HTKQ
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Malware.Renos-10003934-0
Kaspersky: HEUR:Trojan.Win32.Khalesi.pef
BitDefender: Gen:Variant.Barys.431886
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Evo-gen [Trj]
Tencent: Malware.Win32.Gencirc.13f42b73
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Crypt.ZPACK.Gen
VIPRE: Gen:Variant.Barys.431886
Emsisoft: Gen:Variant.Barys.431886 (B)
Ikarus: Trojan.Win32.Krypt
Varist: W32/Khalesi.J.gen!Eldorado
Avira: TR/Crypt.ZPACK.Gen
Antiy-AVL: Trojan/Win32.Kryptik
Kingsoft: Win32.Trojan.Khalesi.pef
Microsoft: Trojan:Win32/Copak.MBKO!MTB
ZoneAlarm: HEUR:Trojan.Win32.Khalesi.pef
GData: Win32.Trojan.PSE.WEKX0Z
Google: Detected
Acronis: suspicious
VBA32: BScope.Trojan.Wacatac
MAX: malware (ai score=80)
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/Chgt.AC
TrendMicro-HouseCall: TROJ_GEN.R002C0PK223
Rising: Trojan.Generic@AI.100 (RDML:JMxWDGO3fIDwI1rJPtL3+w)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.74820851.susgen
Fortinet: W32/Kryptik.T!tr
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.348177
DeepInstinct: MALICIOUS

How to remove Trojan:Win32/Copak.MBKO!MTB?

Trojan:Win32/Copak.MBKO!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
